Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/1-PCSSvoZ5gUjrr6cIcKCJMpw59c.roa
File: 1-PCSSvoZ5gUjrr6cIcKCJMpw59c.roa (raw, json)
Hash identifier: 6m6hnzoYF0ZzftZwHSSeILoWcOZf0xX+tWNtizpS68E=
Subject key identifier: F8:F0:92:4A:FA:19:E6:05:23:AE:BE:9C:21:C2:82:24:CA:70:E7:D7
Certificate issuer: /CN=27b24fd66efe6dc5c3aab2e2e651a4e207fe62e7
Certificate serial: 018CC6B7C71E70706F1CC6376D069FE5AB6A
Authority key identifier: 27:B2:4F:D6:6E:FE:6D:C5:C3:AA:B2:E2:E6:51:A4:E2:07:FE:62:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/1-PCSSvoZ5gUjrr6cIcKCJMpw59c.roa
Signing time: Mon 01 Jan 2024 20:29:41 +0000
ROA not before: Mon 01 Jan 2024 20:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61073
IP address blocks: 185.183.99.0/24 maxlen: 24
185.51.123.0/24 maxlen: 24
2a04:1680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:c7:1e:70:70:6f:1c:c6:37:6d:06:9f:e5:ab:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27b24fd66efe6dc5c3aab2e2e651a4e207fe62e7
Validity
Not Before: Jan 1 20:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8f0924afa19e60523aebe9c21c28224ca70e7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1c:82:0d:29:79:84:54:93:8f:b1:34:9f:94:
f9:d7:1c:ac:f8:da:12:8b:24:df:19:75:df:30:97:
f1:d8:07:9c:31:24:24:57:b0:c4:be:71:71:37:56:
b2:21:5e:6b:4c:05:88:0c:de:a2:a3:e0:be:76:fd:
f4:dc:05:6f:08:30:06:bf:96:7f:44:3a:12:af:78:
4c:4d:fd:c1:1a:b1:98:c6:f0:d6:d4:c8:31:b8:0b:
57:f3:33:88:ba:9c:36:d8:cc:a9:98:c7:4b:82:e4:
d1:de:6e:e0:05:e3:cb:3e:b7:d9:9d:02:e4:74:95:
fe:35:1b:71:ad:55:73:6c:5c:d1:5b:8d:a6:ce:36:
50:0e:98:39:46:2c:3e:06:79:af:1a:c8:de:d8:11:
86:fe:ea:4a:8c:7e:2e:2c:9b:29:0c:96:98:bb:46:
6e:61:87:62:a9:75:af:e6:23:71:82:0b:15:4c:bf:
41:e7:72:08:b6:ad:11:e7:ca:0c:ae:36:8a:af:16:
ca:c1:92:7e:f5:86:b6:f1:c8:ee:d0:16:bd:07:0a:
13:76:01:41:ec:55:71:e7:0a:80:bb:e6:77:24:c2:
20:4c:80:a8:f3:5f:52:4c:dd:0a:d7:e0:f8:b5:e5:
10:d8:04:ad:11:4e:28:20:9b:8a:ee:f0:11:1d:e6:
71:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F0:92:4A:FA:19:E6:05:23:AE:BE:9C:21:C2:82:24:CA:70:E7:D7
X509v3 Authority Key Identifier:
keyid:27:B2:4F:D6:6E:FE:6D:C5:C3:AA:B2:E2:E6:51:A4:E2:07:FE:62:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/1-PCSSvoZ5gUjrr6cIcKCJMpw59c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.123.0/24
185.183.99.0/24
IPv6:
2a04:1680::/29
Signature Algorithm: sha256WithRSAEncryption
71:e0:0c:d7:8c:07:06:eb:ce:8c:80:d7:b8:d2:a3:11:52:33:
14:f5:43:fe:6a:57:07:c1:ff:a0:bc:d6:5a:e2:4c:bf:46:c4:
29:6a:e3:4d:2c:4b:1f:1c:4f:46:a5:5b:21:ca:cf:17:24:2e:
d3:26:fd:2b:95:19:be:dc:71:8c:85:64:bc:3e:3b:df:37:dd:
2e:55:da:b7:1d:34:59:9d:72:ef:a2:e6:a6:15:f2:c3:99:59:
a1:c3:cc:fa:11:51:32:18:5d:0e:c6:dd:8a:d6:8c:35:5d:fc:
31:ff:ed:cf:14:b5:8f:5b:b8:00:e7:65:ee:64:cd:b4:81:90:
68:d6:fc:5f:d8:93:64:43:69:5c:f2:58:3e:d0:3c:e0:2f:1d:
39:fc:73:6c:bb:aa:3c:2b:c9:c5:84:63:1b:ac:db:a2:64:69:
aa:54:9f:ea:92:56:f7:8f:3d:2c:58:e5:84:13:e5:03:47:37:
22:0c:70:97:6a:75:96:14:77:09:14:ff:d5:27:3b:f0:45:96:
60:f5:08:ab:d4:ff:07:d9:6b:2a:93:59:36:63:24:14:a6:78:
b8:51:9b:96:e8:03:7c:49:7a:ac:5d:04:af:e6:e5:47:40:0e:
29:d4:ff:f4:11:98:34:a0:3f:48:a1:e7:41:c5:d3:37:16:77:
fc:1c:87:54
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGt8cecHBvHMY3bQaf5atqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YjI0ZmQ2NmVmZTZkYzVjM2FhYjJlMmU2NTFhNGUyMDdm
ZTYyZTcwHhcNMjQwMTAxMjAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGYwOTI0YWZhMTllNjA1MjNhZWJlOWMyMWMyODIyNGNhNzBlN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphyCDSl5hFSTj7E0n5T51xys+NoS
iyTfGXXfMJfx2AecMSQkV7DEvnFxN1ayIV5rTAWIDN6io+C+dv303AVvCDAGv5Z/
RDoSr3hMTf3BGrGYxvDW1MgxuAtX8zOIupw22MypmMdLguTR3m7gBePLPrfZnQLk
dJX+NRtxrVVzbFzRW42mzjZQDpg5Riw+BnmvGsje2BGG/upKjH4uLJspDJaYu0Zu
YYdiqXWv5iNxggsVTL9B53IItq0R58oMrjaKrxbKwZJ+9Ya28cju0Ba9BwoTdgFB
7FVx5wqAu+Z3JMIgTICo819STN0K1+D4teUQ2AStEU4oIJuK7vARHeZxjQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPjwkkr6GeYFI66+nCHCgiTKcOfXMB8GA1UdIwQY
MBaAFCeyT9Zu/m3Fw6qy4uZRpOIH/mLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdKUDFtNy1iY1hEcXJMaTVsR2s0Z2YtWXVjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iYjAxY2UtYjliMC00YjE1LTk0MDAt
Mzk0ZjUwZDRiYTM4LzEvMS1QQ1NTdm9aNWdVanJyNmNJY0tDSk1wdzU5Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYmIwMWNlLWI5YjAtNGIxNS05NDAwLTM5NGY1MGQ0YmEz
OC8xL0o3SlAxbTctYmNYRHFyTGk1bEdrNGdmLVl1Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEALkzewME
ALm3YzANBAIAAjAHAwUDKgQWgDANBgkqhkiG9w0BAQsFAAOCAQEAceAM14wHBuvO
jIDXuNKjEVIzFPVD/mpXB8H/oLzWWuJMv0bEKWrjTSxLHxxPRqVbIcrPFyQu0yb9
K5UZvtxxjIVkvD473zfdLlXatx00WZ1y76LmphXyw5lZocPM+hFRMhhdDsbditaM
NV38Mf/tzxS1j1u4AOdl7mTNtIGQaNb8X9iTZENpXPJYPtA84C8dOfxzbLuqPCvJ
xYRjG6zbomRpqlSf6pJW9489LFjlhBPlA0c3Igxwl2p1lhR3CRT/1Sc78EWWYPUI
q9T/B9lrKpNZNmMkFKZ4uFGblugDfEl6rF0Er+blR0AOKdT/9BGYNKA/SKHnQcXT
NxZ3/ByHVA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:05:38 2024 by rpki-client on console-ams.rpki-client.org